'Re: [oss-security] CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed
From:       Nick Boyce <nick.boyce () gmail ! com>
Date:       2020-01-23 15:17:27
Message-ID: CACqxkW+KKgmqZmEeardoPrSQGDccoRnQiCvg-T2qYuqTKgSXAA () mail ! gmail ! com
[Download RAW message or body]

On Wed, 22 Jan 2020 at 13:24, Matthias Gerstner
<matthias.gerstner@suse.de> wrote:
>
> > > Should we tell the site owner his site may have been stolen ?
> >
> > Hmm I never bothered to look deeper into the website but now that you're
> > pointing to it, it looks strange. I can give the upstream author a hint,
[...]
> I have heard back from the author and he told me that storebackup.org
> never was owned by him, but created by some user of storeBackup
[...]
> The official upstream website is on GNU Savannah [1].
> [1]: https://savannah.nongnu.org/projects/storebackup

Thanks Matthias for the clarification.

Nick
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic